As if the Meltdown and Spectre CPU flaws weren’t bad enough on their own, Microsoft was somehow able to make the flaw even worse on Windows 7. According to Swedish security researcher Ulf Frisk, the fix that Microsoft provided to Windows 7 computers for the Meltdown flaw, which could allow attackers to read kernel memory at a speed of 120 KB/s, would now allow attackers to read the same kernel memory with a speed of gigabytes per second.

“Total Meltdown”

Frisk called the new vulnerability, which Microsoft introduced on Windows 7 machines while trying to fix the Meltdown flaw, “Total Meltdown.” The new bug allows any process to read the complete memory contents of the system, and it also makes it possible to write code to arbitrary memory, too.

According to Frisk, no special attack or technique was needed. All he had to do was take advantage of Windows 7’s mapping of memory contents that belong to running processes.

The main issue and mistake made by Microsoft is that the company set the PML4 page table permission bit to User instead of the kernel Supervisor. This made it so the memory that would normally be assigned to the kernel be assigned to every process, including those running with user-level privileges. The PML4 is the base of the 4-level in-memory page table hierarchy that the CPU Memory Management Unit (MMU) uses to translate the virtual addresses of a process into physical memory addresses in RAM.

A vulnerable system is "exploited" and the running processes are mounted with PCILeech. Process memory maps and PML4 are accessed.In Windows 10, the PML4 is mapped to a random address, while in Windows 7 and Windows Server 2008 R2 the PML4 is always mapped to the fixed address 0xFFFFF6FB7DBED000 in virtual memory. The PML4 doesn’t exist in 32-bit versions of Windows, so these versions have been unaffected by this flaw.

Frisk said that:

Once read/write access has been gained to the page tables it will be trivially easy to gain access to the complete physical memory, unless it is additionally protected by Extended Page Tables (EPTs) used for Virtualization. All one have to do is to write their own Page Table Entries (PTEs) into the page tables to access arbitrary physical memory.

Frisk also noted that Microsoft has already issued a fix for this bug earlier this month, after he alerted the company about it.

Patching In A Rush

Although Microsoft seems to have been one of the few companies that knew about Meltdown and Spectre earlier than the general public, it seems that the company was still able to bungle the release of the patches by rushing to fix the vulnerabilities as soon as possible.

Frisk’s revelation comes after Intel also botched the release of the Spectre variant 2 patch, which caused some rebooting issues for its customers. Microsoft and OEMs had to recall the patch for Windows machines. Microsoft's Meltdown and Spectre patches also caused some rebooting issues for older AMD systems, but the company blamed AMD on poor documentation.

Windows 7 is over, move along and stop the bleeding. George W Bush was president when Windows 7 was developed - that is 3 USA presidents ago and the iPad didn't even exist. You can get a text message on a mobile phone but believe it or not some people are still using beepers and whining about it.

LORD_ORION

"Ooh... see Windows 7 is so vulnerable... you better switch to Windows 10."-Microsoft

hannibal

Well at least this time the finder was professional and did give MS time to fix this before telling about it to all hackers unlike some amatour companies...

Myrmidonas

I want a stable operating system to do my job. I am no labrat and I do not run like an idiot inside test labyrinths (W10 privacy settings), while being constantly injected with various unstable substances (creator updates!), for the crazy scientist (MS) to observe my reactions.

I have paid for my operating system and I want it to operate the way I want and meets my needs. Sorry if you are butthurt (random W10 user), because we do not share your stupidity.You paid nothing and the OS does not belong to you to configure it the way you want. It belongs to MS and they are entitled to do as they please (and rape) on your machine. What? Didn't you read the licence agreement? Better luck next time.

Well im not saying that Windows isn't bad, but, for Pete's sake, let me allow when to update, not when "you" want to update.But as i've never read license agreement... neither i want to. Well if hacker wants to use my PC, ill let it, because i dont have any important data .

lakimens

1299045 said:

Windows 7 is over, move along and stop the bleeding. George W Bush was president when Windows 7 was developed - that is 3 USA presidents ago and the iPad didn't even exist. You can get a text message on a mobile phone but believe it or not some people are still using beepers and whining about it.

I swear, you people are unbelievable. Is it better that I get a BSOD every day on my "Donald Trump" Windows 10? I didn't get any BSOD on my "BUSH" Windows 7.

redgarl

It's probably AMD fault again.

USAFRet

1367942 said:

I swear, you people are unbelievable. Is it better that I get a BSOD every day on my "Donald Trump" Windows 10? I didn't get any BSOD on my "BUSH" Windows 7.

And having run Win 10, since Day 1 of the Tech Preview, on various hardware...The number of BSOD's I've had can be counted on one hand. If I cut off 4 fingers.

decker.davison

I just upgraded to windows 10 from win7 when i also replaced my raid array this week. I was concerned about mounting potential vulnerabilities in less supported now termed "legacy" OS, win7. Newer is always better, right?Wrong!

Well, long story short, while troubleshooting driver incompatibilities between my older hardware's utilities+drivers from 2012 and windows 10, I managed to accidentally short my ga-z77x-ud5h rev 1.0 motherboard and am getting the 15->36->32(hangs on 32) mobo debug code the resets in a loop while attempting to POST. I cleared the cmos which didnt work then switched to the backup bios (dual-bios) and got it working again until i accidentally shorted it, im guessing from stupidly plugging in power connections of devices to the motherboard while it was already powered on- causing mobo to immediately reset, AGAIN while running on the backup bios too the second time and now neither bios will post. Cpu fan wont turn on anymore and accidentally corrupted both cmos chips most likely and bricked the mobo. Please PM me or something if your a uber-techy and can provide me a potential solution.

Before I screwed it up, windows 10 seemed tailored for tablet/mobile + touchscreen and appear to more similar to Android.Don't even get me started on Cortana.... who actually wants to add a microphone to their desktop?Thanks microsoft for making a bloated upgrade and abandoning simplicity.... at least 10 did away with the horrid "start screen" and went back to just a start menu overlay like a good gui

10tacle

1299045 said:

Windows 7 is over, move along and stop the bleeding. George W Bush was president when Windows 7 was developed - that is 3 USA presidents ago and the iPad didn't even exist. You can get a text message on a mobile phone but believe it or not some people are still using beepers and whining about it.

I understand your point about moving on, but a LOT of people out there reject MS's rather invasive approach with Windows 10. I have it on my general use laptop that I don't care about who sees what (got the free upgrade from Win7) but am still running Win7 on my gaming rig. I am holding out for what comes next beyond Win10 or the 2020 EOL extended support of Win7, whichever happens first.

Heck I only just retired Windows Vista two years ago on my 1080p backup gaming rig for looming non-support security reasons. A PC I built in 2009. And to put things in perspective, it was not too long ago that people and even businesses finally moved on from Windows XP - and only then for a lack of support. We should never be forced to upgrade OS's every three or four years.

People complained about Vista, but Windows 8/8.1 was a disaster as the shortest running OS in recent history (2012 -> 2015). Remember all the complaining from users when Win8 removed the start button and menu? You don't design a PC user interface people have been familiar navigating with since Windows 95 that is really more useful for touch screens, tablets, and smart phones.

2669106 said:

Cpu fan wont turn on anymore and accidentally corrupted both cmos chips most likely and bricked the mobo. Please PM me or something if your a uber-techy and can provide me a potential solution.

Hi. I would suggest you start a new thread in the forums for any assistance for your issue. You will reach a wider audience who can possibly help.

0InVader0

Thank god I didn't update in 2 months, lol. Buying the Professional edition was worth it.

Anyways, when the support ends in 2020, and the next Windows will be garbage again, I'll be staying on Linux Mint (with Cinnamon) for good. It's everything I would expect from a new windows.

Hell, it's even more stable than windows - that's something I never thought I'd live to say. Mint just works out of the box. The extra buttons on my mouse work without even installing anything. My USB headset works perfectly.

Meanwhile, when I installed Win7 on my new computer, my had issues with my audio and network drivers. The settings from my old computer got migrated poorly too.

I'll miss my videogames ;_;

rickrusselljr

1279557 said:

I want a stable operating system to do my job. I am no labrat and I do not run like an idiot inside test labyrinths (W10 privacy settings), while being constantly injected with various unstable substances (creator updates!), for the crazy scientist (MS) to observe my reactions.
I have paid for my operating system and I want it to operate the way I want and meets my needs. Sorry if you are butthurt (random W10 user), because we do not share your stupidity.You paid nothing and the OS does not belong to you to configure it the way you want. It belongs to MS and they are entitled to do as they please (and rape) on your machine. What? Didn't you read the licence agreement? Better luck next time.
Thank you

It is true, when you pay nothing for the product, you are the product.

bytemeh

"Remember all the complaining from users when Win8 removed the start button and menu? You don't design a PC user interface people have been familiar navigating with since Windows 95 that is really more useful for touch screens, tablets, and smart phones."

Yes and that is the core of the problem which is now an Apple IOS problem. Once you reach a mature, stable, solid and useful OS like Win7 there is nothing else to do. From there people end up throwing on non-value add apps and services nobody wants to try and give marketing a chance of selling it. Look at the latest IOS phone, they are advertising how you can look like an animal when you talk - incredibly useful for a $1K phone. MS needs to bring back Windows 7 with the security features and advancements of Win10. The UI should be exactly Win7 which was perfect and to your point what every MS user was used to and loved. Moving around things, creating new control panels, hiding admin features, all just pisses every customer they have off for the sake of new and different. Get a clue MS, nobody likes your new and different. Make it all behind the scenes stuff and not interfere with the EuX and UI.

Karadjgne

Reason why I prefer Win7: I can actually do stuff with it, my way, when I want to. Reason why I don't prefer Win10: it actually tries to do everything for me, it's way, when it wants to.

bytemeh

Oh and don't even get me started how I see candy crush, xbox and minecraft on every new business PC start menu. It looks like a Tokyo street at night that new menu. How could you possibly be so far off the mark in terms of what your customers want? I will consult for your for free just to improve the EuX and rid myself of this frustration.

lakimens

1282023 said:

1367942 said:

I swear, you people are unbelievable. Is it better that I get a BSOD every day on my "Donald Trump" Windows 10? I didn't get any BSOD on my "BUSH" Windows 7.

And having run Win 10, since Day 1 of the Tech Preview, on various hardware...
The number of BSOD's I've had can be counted on one hand. If I cut off 4 fingers.

Mind telling me how to achieve that? What am I doing wrong? My windows is up to date..

Karadjgne

Read. While USAFRet does have an advantage, he's here all the time and reads/answers posts all the time, he also reads the news. And the gossip. And the gripes. 2 main causes of bsod are driver conflicts (especially after an MS big update) and OC. If OC isn't a thing, then you are 80% down to drivers. Sometimes it's as simple as keeping everything else, other than windows, up to date. When was the last time you searched the mobo vendor website for updated patches or new driver releases? Win10CE had good sized issues with many 32bit and 'legacy' mobo drivers, especially those from Realtek (audio), whose closed-end drivers didn't cooperate with 64bit OS and Win10CE native drivers. Updated bios? Sata controller, USB family etc? Cleaned all the gunk out of your registry lately?

I've been running Win10Pro (free update from MS Win7Pro) since just before the Creator's update. BSOD = 0 on a Z77 mobo. Bsod's from OC attempts = I ran out of fingers and toes 6 months ago.

razor512

Microsoft is deliberately taking steps to patch the OS as poorly as possible. for example, while the code needed to allow it is there, Microsoft refuses to enable PCID and INVPCID on windows 7. This is to ensure that they will have an excuse to proactively slow the system down.

Olle P

60597 said:

Well at least this time the finder was professional and did give MS time to fix this before telling about it...

To be fair, the "fix" was available even before the problem was created!(And the mishap also apply to Windows Server 2008 R2.)

The fix is to re-install some of the updates from January and March.

lakimens

1011591 said:

Read. While USAFRet does have an advantage, he's here all the time and reads/answers posts all the time, he also reads the news. And the gossip. And the gripes. 2 main causes of bsod are driver conflicts (especially after an MS big update) and OC. If OC isn't a thing, then you are 80% down to drivers. Sometimes it's as simple as keeping everything else, other than windows, up to date. When was the last time you searched the mobo vendor website for updated patches or new driver releases? Win10CE had good sized issues with many 32bit and 'legacy' mobo drivers, especially those from Realtek (audio), whose closed-end drivers didn't cooperate with 64bit OS and Win10CE native drivers. Updated bios? Sata controller, USB family etc? Cleaned all the gunk out of your registry lately?
I've been running Win10Pro (free update from MS Win7Pro) since just before the Creator's update. BSOD = 0 on a Z77 mobo. Bsod's from OC attempts = I ran out of fingers and toes 6 months ago.

I've not updated drivers since my last format, maybe 3-4 months ago. I am using Realtek, so if you're saying they're the most volatile, I'll update them and the chipset with it too, will see how it goes. I actually haven't installed drivers, it's all what Windows installed for me, I just thought it's getting new versions.

bloodroses

1367942 said:

1299045 said:

Windows 7 is over, move along and stop the bleeding. George W Bush was president when Windows 7 was developed - that is 3 USA presidents ago and the iPad didn't even exist. You can get a text message on a mobile phone but believe it or not some people are still using beepers and whining about it.

I swear, you people are unbelievable. Is it better that I get a BSOD every day on my "Donald Trump" Windows 10? I didn't get any BSOD on my "BUSH" Windows 7.

Hell, lets run a "Ronald Regan" Windows 1.0. That thing never BSOD. I'm sure there's people out there that complain to this day that Microsoft doesn't support it anymore (just like the people regarding XP or any other legacy Windows)

Karadjgne

Can't remember ever seeing a DOS bsod that wasn't OC related....

lakimens

1069610 said:

1367942 said:

1299045 said:

Windows 7 is over, move along and stop the bleeding. George W Bush was president when Windows 7 was developed - that is 3 USA presidents ago and the iPad didn't even exist. You can get a text message on a mobile phone but believe it or not some people are still using beepers and whining about it.

I swear, you people are unbelievable. Is it better that I get a BSOD every day on my "Donald Trump" Windows 10? I didn't get any BSOD on my "BUSH" Windows 7.

Hell, lets run a "Ronald Regan" Windows 1.0. That thing never BSOD. I'm sure there's people out there that complain to this day that Microsoft doesn't support it anymore (just like the people regarding XP or any other legacy Windows)

It's not that it's not a good OS, it's the fact that they make you use something that is not finished and they experiment with. That is not okay.

Karadjgne

That's unavoidable. The last, best, most stable version of windows was Win95C. Since then, every new version of Windows is good, as far as they can test it on multiple platforms and multiple different setups. But multiple is limited. Release the OS and you go from multiple to exponential different pc's, with all sorts of different platforms apps, aged drivers, random bs games, specialized software etc. With the sheer amount on internet downloadable junk, there's absolutely no way MS can accommodate every single instance of code access, scripting, or forsee exactly how that'll affect the base OS code.

So they get the OS as good as they think it can be, then ship it worldwide and wait for the bug reports, user complaints etc to roll on, so they can address the issues.

Older versions of Windows only had to deal with AOL, Netscape, Yahoo and a handful of BBS. Now it's got to deal with the Pandora's Box that's the Internet of today.